Migrate from old repository

templates/apk-repositories

@@ -0,0 +1,2 @@
+https://dl-cdn.alpinelinux.org/alpine/v{{ alpine_version }}/main
+https://dl-cdn.alpinelinux.org/alpine/v{{ alpine_version }}/community

templates/chrony.conf.j2

@@ -0,0 +1,34 @@
+# {{ ansible_managed }}
+
+# List of NTP servers to use.
+{% if ansible_hostname == 'hesat' %}
+pool ntp.tuxfamily.net iburst
+pool fr.pool.ntp.org iburst
+server 2a01:e0a:2b:2250::b
+{% else %}
+{% for server in ntp_pool %}
+pool {{ server }} iburst
+{% endfor %}
+
+initstepslew 10 {{ ntp_pool[0] }}
+{% endif %}
+
+# Record the rate at which the system clock gains/losses time.
+driftfile /var/lib/chrony/chrony.drift
+
+# In first three updates step the system clock instead of slew
+# if the adjustment is larger than 1 second.
+makestep 1.0 3
+
+# Enable kernel synchronization of the real-time clock (RTC).
+rtcsync
+
+cmdport 0
+
+user ntp
+
+{% if ntp_served_for is defined %}
+{% for network in ntp_served_for %}
+allow {{ network }}
+{% endfor %}
+{% endif %}

templates/hostname.j2

@@ -0,0 +1 @@
+{{ inventory_hostname }}

templates/msmtprc.j2

@@ -0,0 +1,14 @@
+defaults
+
+account here
+{% if rewrite_domain is defined %}
+from root@{{ rewrite_domain }}
+set_from_header on
+{% else %}
+from root@{{ ansible_hostname }}.{{ ansible_domain }}
+{% endif %}
+host {{ mailhub }}
+port 25
+tls on
+
+account default : here

templates/networking.j2

@@ -0,0 +1,39 @@
+# The loopback network interface
+auto lo
+iface lo inet loopback
+{% if local_network.dns is defined %}
+    dns-nameservers {{ local_network.dns }}
+{% endif %}
+
+# The main interface
+auto eth0
+{% if wanted_ip4 is defined %}
+iface eth0 inet static
+    address {{ wanted_ip4 }}/24
+    gateway {{ local_network.gateway }}
+{% else %}
+iface eth0 inet dhcp
+{% endif %}
+{% if wanted_ip6 is defined %}
+iface eth0 inet6 static
+{% if local_network.gateway6 is defined %}
+    address {{ wanted_ip6 }}/64
+    gateway {{ local_network.gateway6 }}
+    pre-up echo 0 > /proc/sys/net/ipv6/conf/eth0/accept_ra
+{% else %}
+    address {{ wanted_ip6 }}/128
+    post-up ip addrlabel add prefix {{ wanted_ip6 }}/64 label 99
+    post-up ip addrlabel add prefix {{ wanted_ip6 }}/128 label 1
+{% endif %}
+{% endif %}
+
+{% if wanted_serekh is defined %}
+auto wg-serekh
+iface wg-serekh inet6 static
+    address {{ wanted_serekh }}/64
+    pre-up ip link add dev wg-serekh type wireguard
+    pre-up wg setconf wg-serekh /etc/wireguard/wg-serekh.conf
+    post-down ip link delete dev wg-serekh
+{% endif %}
+
+source-directory /etc/network/interfaces.d

templates/ssmtp.conf.j2

@@ -0,0 +1,56 @@
+#
+# /etc/ssmtp.conf -- a config file for sSMTP sendmail.
+#
+
+# The person who gets all mail for userids < MinUserId
+# Make this empty to disable rewriting.
+root=postmaster
+
+# All mail delivered to userid >= MinUserId goes to user, not root.
+#MinUserId=1000
+
+# The place where the mail goes. The actual machine name is required
+# no MX records are consulted. Commonly mailhosts are named mail.domain.com
+# The example will fit if you are in domain.com and your mailhub is so named.
+#mailhub=mail
+mailhub={{ mailhub }}
+
+# Example for SMTP port number 2525
+# mailhub=mail.your.domain:2525
+# Example for SMTP port number 25 (Standard/RFC)
+# mailhub=mail.your.domain
+# Example for SSL encrypted connection
+# mailhub=mail.your.domain:465
+
+# Where will the mail seem to come from?
+{% if rewrite_domain is defined %}
+rewriteDomain={{ rewrite_domain }}
+{% else %}
+#rewriteDomain=
+{% endif %}
+
+# The full hostname
+
+# Gentoo bug #47562
+# Commenting the following line will force ssmtp to figure
+# out the hostname itself.
+
+# hostname=_HOSTNAME_
+
+# Set this to never rewrite the "From:" line (unless not given) and to
+# use that address in the "from line" of the envelope.
+#FromLineOverride=YES
+
+# Use SSL/TLS to send secure messages to server.
+#UseTLS=YES
+
+# Use SSL/TLS certificate to authenticate against smtp host.
+#UseTLSCert=YES
+
+# Use this RSA certificate.
+#TLSCert=/etc/ssl/certs/ssmtp.pem
+
+# Get enhanced (*really* enhanced) debugging information in the logs
+# If you want to have debugging of the config file parsing, move this option
+# to the top of the config file and uncomment
+#Debug=YES

templates/watchdog-deb.conf.j2

@@ -0,0 +1,50 @@
+#ping		                = 172.31.14.1
+#ping				                  = 172.26.1.255
+#interface					          = eth0
+#file							                    = /var/log/messages
+#change									            = 1407
+
+# Uncomment to enable test. Setting one of these values to '0' disables it.
+# These values will hopefully never reboot your machine during normal use
+# (if your machine is really hung, the loadavg will go much higher than 25)
+#max-load-1	           = 24
+#max-load-5		           = 18
+#max-load-15			           = 12
+
+# Note that this is the number of pages!
+# To get the real size, check how large the pagesize is on your machine.
+#min-memory          = 1
+#allocatable-memory  = 1
+
+#repair-binary	             = /usr/sbin/repair
+#repair-timeout		     = 60
+#test-binary		             =
+#test-timeout			             = 60
+
+# The retry-timeout and repair limit are used to handle errors in a more robust
+# manner. Errors must persist for longer than retry-timeout to action a repair
+# or reboot, and if repair-maximum attempts are made without the test passing a
+# reboot is initiated anyway.
+#retry-timeout	              = 60
+#repair-maximum		      = 1
+
+watchdog-device	      = /dev/watchdog
+watchdog-timeout = 16
+
+# Defaults compiled into the binary
+#temperature-sensor =
+#max-temperature    = 90
+
+# Defaults compiled into the binary
+#admin	   	                    = root
+#interval			            = 1
+#logtick                = 1
+#log-dir		        = /var/log/watchdog
+
+# This greatly decreases the chance that watchdog won't be scheduled before
+# your machine is really loaded
+realtime               = yes
+priority	               = 1
+
+# Check if rsyslogd is still running by enabling the following line
+#pidfile           = /var/run/rsyslogd.pid

templates/watchdog.conf.j2

@@ -0,0 +1,2 @@
+WATCHDOG_OPTS="-T 16 -t 10"
+WATCHDOG_DEV="/dev/watchdog"